package lrl.core.filter;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.web.context.WebApplicationContext;
import org.springframework.web.context.support.WebApplicationContextUtils;

import lrl.core.constant.Constant;
import lrl.core.permission.PermissionCheck;
import lrl.nsfw.user.entity.User;

public class LoginFilter implements Filter {

	@Override
	public void destroy() {
		
	}

	@Override
	public void doFilter(ServletRequest arg0, ServletResponse arg1,
			FilterChain chain) throws IOException, ServletException {
		HttpServletRequest request = (HttpServletRequest) arg0;
		HttpServletResponse response = (HttpServletResponse) arg1;
		String uri = request.getRequestURI();
		
		if (!uri.contains("sys/login_")) {
			if (request.getSession().getAttribute(Constant.USER) != null) {
				if (uri.contains("/nsfw/")) {
					User user = (User) request.getSession().getAttribute(Constant.USER);
					
					WebApplicationContext applicationContext = WebApplicationContextUtils.getWebApplicationContext(request.getSession().getServletContext());
					PermissionCheck pCheck = (PermissionCheck) applicationContext.getBean("permissionCheck");
					if (pCheck.isAccessible(user, "nsfw")) {
						
						chain.doFilter(request, response);
					} else {
						response.sendRedirect(request.getContextPath() + "/sys/login_noPermissionUI.action");
					}
					
				} else {
					chain.doFilter(request, response);
				}
			} else {
				response.sendRedirect(request.getContextPath() + "/sys/login_loginUI.action");
			}
		} else {
			chain.doFilter(request, response);
		}
	}

	@Override
	public void init(FilterConfig arg0) throws ServletException {

	}

}
